[Standards] Correction to 3290bis4

Alexey Melnikov alexey.melnikov at isode.com
Fri Nov 2 08:44:11 UTC 2007

Peter Saint-Andre wrote:

>Toly Menn wrote:
>>Also, section 7.3.4 indicates that the receiving end of the
>>connection SHOULD allow at least 2 and no more then 5 retries from
>>the abort.  Does this make sense for s2s connections?  EXTERNAL
>That rule (which IIRC we borrowed from RFC 4422) may not make sense for
>all SASL mechanisms or for s2s connections.

>However, for c2s connections
>it may make sense for SASL EXTERNAL because end users can have multiple
>certificates (I know I do).
As a side note: how do you select a particular certificate using SASL 
EXTERNAL? Are you using different authorization identity in a hope that 
the server end will match it against the correct client certificate.

More information about the Standards mailing list